View Enterprise Data Loss Prevention (DLP) Log Details
View the log details for traffic that matches your data
filtering profiles Enterprise Data Loss Prevention (DLP).
When the managed firewall detects sensitive
content during a file upload, and you have created an Alert or Block
action, a Data Filtering log is generated. You can filter and view
the detailed log data for detected traffic such as the policy rule
information, the source and destination of the traffic, and the
data profile that the data pattern is associated with. Additionally,
the detailed log view displays the specific data pattern that the
traffic matched and displays the total number of unique and total
occurrences of data pattern matches. Viewing the detailed logs is
only available on Panorama.
When the managed firewall detects
sensitive content during a file upload, and you have created an
Alert or Block action, it generates a log. You can then view the
sensitive content, called a
, from the Data Filtering
logs. A snippet is evidence or identifiable information associated
with a pattern match. For example, if you specified a data pattern
of Credit Card Number, the managed firewall returns the user’s social
security number as the snippet that was matched. By default, the
managed firewall returns snippets.
The managed firewall uses
to mask the data in the snippets. By default, the data
filtering log displays the last four digits of the value in clear
text (partial masking). For example, data filtering log displays
a snippet of a credit card number as
You can also specify the data to be completely displayed in clear
text, or fully mask the data to hide all the values.
the DLP-specific logs, including file snippets, complete the following